Releases: paragonie/halite

Version 3.1.0

22 Aug 17:06
v3.1.0
  • Added an export() method to KeyFactory, and congruent import*()
    methods. For example:
    • export($key) returns a HiddenString with a versioned and
      checksummed, hex-encoded string representing the key material.
    • importEncryptionKey($hiddenString) expects an EncryptionKey
      object or throws a TypeError

Version 2.2.0

22 Aug 17:05
v2.2.0
  • Added an export() method to KeyFactory, and congruent import*()
    methods. For example:
    • export($key) returns a string with a versioned and
      checksummed, hex-encoded string representing the key material.
    • importEncryptionKey($string) expects an EncryptionKey
      object or throws a TypeError

Version 3.0.0

30 Jul 18:36
v3.0.0

Version 3.0.0 is a breaking change in several ways:

  1. We now default to URL-safe Base64 encoding (RFC 4648).
  2. We now require users to wrap plaintext in a HiddenString object to hide it from stack traces in case an uncaught exception occurs.
  3. We are no longer backwards compatible with version 1.

The minimum PHP version for Halite 3 remains PHP 7.0.

List of changes from v2.1.2

  • Use paragonie/constant_time_encoding
  • We now default to URL-safe Base64 encoding (RFC 4648)
  • API change: Plaintext and password inputs must be a HiddenString
    object.
  • Dropped support for version 1.
    • We no longer offer or use scrypt anywhere. Everything is Argon2 now.
    • KeyFactory no longer accepts a $legacy argument.
  • Added TrimmedMerkleTree to Structures.
  • Use is_callable() instead of function_exists() for better
    compatibility with Suhosin.

Version 2.1.3

30 Jul 18:41
v2.1.3

Workaround for Suhosin bug (see #39).

Version 1.5.1

30 Jul 18:41
v1.5.1

Workaround for Suhosin bug (see #39).

Version 2.1.2

11 Jul 19:07
v2.1.2

No functional changes from 2.1.1, just cleaning our plate before switching gears to v3.

Version 2.1.1

15 May 07:42

Prevent an undefined index error when calculating the root of an empty MerkleTree.

Version 2.1.0

07 May 21:32
  • Minimum PECL libsodium version set to 1.0.6.
  • Key derivation (via KeyFactory) can now accept an extra argument to
    specify the security level of the derived key.
    • Scrypt: INTERACTIVE or SENSITIVE
    • Argon2i: INTERACTIVE, MODERATE, or SENSITIVE
  • Password can now accept a security level argument. We recommend
    sticking with INTERACTIVE for end users, but if you'd rather make
    administrative accounts cost more to attack, now you can make that
    happen within Halite.
  • MerkleTree can now accept a personalization string for the hash
    calculation.
  • MerkleTree can output a specific hash length (between 16 and 64).
  • Both MerkleTree and Node now lazily calculate the Merkle root
    rather than calculating it eagerly. This results in less CPU waste.
  • Cleaned up the legacy cruft in the Key classes. Now they only accept
    a string in their constructor.

Version 2.0.1

21 Apr 03:04
  • Fixed conflict with PHP 7 string optimizations that was causing File::decrypt() to fail in PHP-FPM.
  • Introduced a new method, Util::safeStrcpy(), to facilitate safe string duplication without triggering the optimizer.

Version 2.0.0

04 Apr 20:34
  • Halite now requires:
    • PHP 7.0+
    • libsodium 1.0.9+
    • libsodium-php 1.0.3+
    • (You can use Halite::isLibsodiumSetupCorrectly() to verify the
      latter two)
  • Strictly typed everywhere
  • You can no longer pass a well-configured but generic Key object to
    most methods; you must pass the appropriate child class (i.e.
    Symmetric\Crypto::encrypt() expects an instance of
    Symmetric\Crypto\EncryptionKey).
  • Updated password hashing and key derivation to use Argon2i
  • File now uses a keyed BLAKE2b hash instead of HMAC-SHA256.
  • Key->get() was renamed to Key->getRawKeyMaterial()
  • Password now has a needsRehash() method which will return true
    if you're using an obsolete encryption and/or hashing method.
  • Util now has several new methods for generating BLAKE2b hashes:
    • hash()
    • keyed_hash()
    • raw_hash()
    • raw_keyed_hash()
  • Removed most of the interfaces in Contract